Next Meetup

Security by Design Principles -- an offensive workshop @ emarsys [hu]
### In short:

Secure coding skills are valuable competencies for any developer. By the end of the workshop/meetup, you will understand and comfortably apply the introduced security design principles. Being familiar with them can help you spot and correct dangerous design or implementation details, which means faster development and reduced operational cost.

A meetup with workshop flavor: you can fire up developer tools in the browser on your laptop and go hands-on offensive mode, or you can attend in listening mode (no gear required). Both modes will work.

Duration: 90' lecture/workshop+QA+chat, 1 break

Language: HU

### More about the workshop:

Securing an application is not just an extra build step that you can add to the end of a pipeline. To make sure your application is as secure as possible, you need to follow certain principles and best practices during the whole development cycle.

To demonstrate the importance of considering security from the ground up, I invite you to a hands-on offensive presentation where you will get the chance to witness how an intentionally badly designed website’s weak points got exploited. After that you can learn about what design principles weren’t followed during the development and how similar real-life vulnerabilities affected big companies.

I encourage you to follow the challenges and bring your own laptop. A modern browser with developer tools is necessary and you should have some experience in web development.

As part of my job, I regularly organize internal offensive security trainings. I believe that the offensive workshop format with real-life examples works great in raising awareness because it’s exciting and instructive.

-- Soma Erdélyi

### About the trainer/speaker:

Soma Erdélyi is currently working at Emarsys in Budapest as a member of the Application Security team. Besides building tools that automate and supervise company processes, the team actively supports other developer teams when they design or implement safety-critical features. In his spare time, Soma likes working on hobby electronics projects with Arduinos and Raspberry Pis.

### The kitchen:

Pizza by Emarsys

### Special thanks:

dr. Zoltán L. Németh [u-szeged]

https://www.linkedin.com/groups/4692397/

https://www.facebook.com/owasp.hu

Illustration by the-fogz: https://www.deviantart.com/the-fogz/art/The-Workshop-417189916

Emarsys CraftLab

1053, Budapest, Kossuth Lajos utca 7-9 · Budapest

    What we're about

    OWASP (https://www.owasp.org/) is perhaps the largest professional organization dealing with the security of web applications and application development, reportedly with 45K participants and supporters*. It is a networked organization headquartered in the US, with one or a few chapters in every country. The other dimension of OWASP is its projects: anyone can start a project**, provided it meets the professional standard. The most famous project is the TOP10 (https://github.com/OWASP/Top10/tree/master/2017); what you need to know about it is that it is educational material, although unfortunately many people use it as a sacred standard. An application security standard is set by the ASVS (https://github.com/OWASP/ASVS) project; this is finally a common denominator among security testers (formerly known as hackers), developers and application designers. And there are plenty of other projects:
    https://github.com/OWASP

    * 20K members worldwide in OWASP meetup groups (https://www.meetup.com/pro/owasp)

    ** https://www.owasp.org/index.php/Category:OWASP_Project#tab=Starting_a_New_Project